Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
org.codehaus.sonar-plugins
sonar-pdfreport-plugin
1.4
sonar-pdfreport-plugin 1.4
Latest
org.codehaus.sonar-plugins
Published
Feb 9, 2015
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Recommended upgrade that meets your policy.
Compare Versions
Overview
Overview
Versions
1
Versions
1
Vulnerabilities
20
Vulnerabilities
20
Dependencies
4
Dependencies
4
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(0)
Low
(2)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
3.7
sonatype-2019-0673
BouncyCastle - Denial of Service (DoS)
affected
Severity
Low
Published
Mar 9, 2020
3.7
CVE-2016-1000346
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.
affected
Severity
Low
Published
Apr 6, 2017
